jsonrecap

MAL-2025-192812

npmmalware12/23/2025
Description

Malicious code in jsonrecap (npm)

Indicators of Compromise
SHA256 Hashes (3)
0f2988a1bf0dbfd6ff12cb50f4278ad710593f273f8e6e8b594f6d95081ca1aa
a7e3ea65451f642ffd038933f2ca3b5dab39d6ee6979b4783353af6250dc22e9
a41d1fcb63a586513d9cca8b1183243004470500c8db731516479b0a771a3dbb
References (3)
https://socket.dev/blog/north-korea-contagious-interview-npm-attacksOSVhttps://security.snyk.io/vuln/SNYK-JS-JSONRECAP-14152271OSVhttps://thehackernews.com/2025/11/north-korean-hackers-deploy-197-npm.htmlOSV
Details
Ecosystemnpm
Attack Typemalware
Published12/23/2025
Aliases
SNYK-JS-JSONRECAP-14152271
Quick Actions
All Incidentsnpm Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001